Tag Archives: GovTech

Best of What’s New in Cybersecurity

Posted on by
Reply

For security professionals, the COVID-19 pandemic represents something of a perfect storm. The risk landscape exploded in a matter of days as state and local agencies rapidly sent thousands of employees home to work remotely. At the same time, security personnel and resources were stretched exceedingly thin, with many security teams redeployed from operational tasks to urgent new projects. Now is the time to reevaluate security tools, processes and strategies in light of these massive COVID-driven changes. Immediate steps include understanding and addressing situations where users may be storing sensitive data on insecure home computing devices, as well as dialing back remote access privileges to reduce the risk of inappropriate access or stolen user credentials. Over the longer-term, agencies must develop better monitoring capabilities that help them spot threat activity and potentially risky user behaviors. Read the latest insights from industry thought leaders in Cybersecurity in Carahsoft’s Innovation in Government® report.

Time to Reevaluate Security PracticesGovTech Oct Cybersecurity Blog Image

“The bottom line is that even the best tool or approach will not fix a bad process. All the zero-trust technology in the world won’t work if your identity and asset management processes give the system bad data. To fully utilize these approaches, agencies must look honestly at their processes and what they’re doing regarding hygiene, security practices and things like that. Organizations also need to determine what they want from these tools, whether the tools align with their best practices and overall security approach, and how these tools impact the way they perform existing processes.”

Read more insights from McAfee’s Chief Technology Strategist, U.S., Sumit Sehgal.

 

Building Resilience through Digital Risk Management

“Planning ahead for how you’ll address problems and putting contingency plans down on paper is an important risk management process. Organizations need good security workflows and a way to aggregate information about their networks, valuable resources and who is doing what in the organization. Then they need plans for triaging the most devastating risks first. It’s impossible to think of every threat, but organizations can start by considering what types of incidents could interfere with critical capabilities and prevent them from completing their mission. With that information, organizations can put together contingency plans, even when they’re not quite sure what potential threat might bring about that particular loss of functionality.”

Read more insights from RSA’s Federal Group Field CTO, Steve Schmalz.

 

Confronting a New Threat Ecosystem

“Understanding your organization and where it fits into the threat ecosystem is probably among the most effective ways to grapple with this issue. In a purely introspective sense, it’s important to understand your corporate network — you need to know which information assets, individuals and applications are likely to be targeted by attackers and then place a higher priority on security alerts and advisories that impact them. Organizations also can narrow the focus of their detection and threat-hunting efforts by understanding the specific attackers that are known to be interested in their industry and geography, and use this knowledge as a preliminary guide.”

Read more insights from FireEye’s Manager of Mandiant Threat Intelligence, Jeremy Kennelly.

 

Remote Work Is Here to Stay

“The secure access service edge (SASE) model lets organizations apply security no matter where their users, applications or services are located. It dictates that enterprise users need access to a variety of business resources and information. To maintain business operability and meet their missions, enterprises must figure out how to do that securely. Secure remote access — which includes secure connectivity, identity access management, access control, continuous validation of secure connectivity throughout an interaction and more — will be the mark of a functioning cybersecurity apparatus moving forward. The other component is being able to scale cybersecurity talent and resources to accommodate growth.”

Read more insights from Palo Alto Networks’ VP and Field CSO, MK Palmore.

 

Addressing Evolving Application Threats

“No matter who comes through the door, you have to verify everything about them and that verification must follow them through the system. Organizations can’t just check a user’s ID, give them a password and be done with it. It’s a continuous process of authentication. When a user attempts to move from one part of a system to another — for example, if a person applies for unemployment insurance, but they logged in through a parking application — the organization may want to require additional authentication or scrutinize the user more deeply. Access is not all or nothing. There’s a granular dial that you’re turning up and down based on what a user is doing within the system.”

Read more insights from F5 Labs’ Director, Raymond Pompon.

 

Taking Threat Detection and Response to the Next Level

“A lot of the change comes from having to support a large remote workforce. Regular system maintenance tasks like vulnerability scanning and software patching have changed dramatically. In the past, patching technologies assumed that systems were physically on the same network or would ultimately be connected via a virtual private network. As users’ machines move off the network, they get scanned less often, if at all. Remote work and increasing reliance on SaaS have really highlighted the need for zero-trust networks, where services require not only a trusted user but also protection of the data viewed and saved from these services.”

Read more insights from SecureWorks’ Chief Threat Intelligence Officer, Barry Hensley.

 

 

Download the full Innovation in Government® report for more insights from these government cybersecurity thought leaders and additional industry research from GovTech.

Best of What’s New in Health and Human Services

Posted on by
Reply

The COVID-19 pandemic is forcing dramatic modernization. Driven by urgent social distancing requirements, Health and Human Services (HHS) organizations virtualized an array of services that traditionally have been performed face-to-face, and unlike typical HHS modernization projects, these changes happened with unprecedented speed. And although these moves were made in immediate response to the COVID pandemic, they’re likely to have long-term impacts on the digital experience for HHS clients, how and where HHS staff members work, and how these organizations purchase and deploy technology. Pandemic-driven uptake of virtual work and digital services could have long-term positive impacts on HHS workforces and the clients they serve; internally, these changes could improve employee satisfaction and retention within HHS organizations. Learn the latest insights from industry thought leaders in healthcare in Carahsoft’s Innovation in Government® report.

Focusing on Outcomes that MatterIIG GovTech September 2020 Health Blog Image

“One place that organizations get stuck is in ‘good enough.’ Unless something’s horribly broken, they stay with what works today instead of pursuing continuous improvement cycles that include customer satisfaction. Organizations that are satisfied with their current operation and their current level of service tend not to want to adopt — or can’t adopt quickly — opportunities that digital technology can offer. Change is exponentially more difficult to execute without a culture that pursues excellence in service quality. To foster a culture that responds to and embraces change, it’s important to adopt a quality approach like Lean or another continuous improvement cycle.”

Read more insights from Salesforce’s Health and Human Services Industry Executive, Rod Bremby.

 

Using Data to Lead Through Change

“The reality is there will never be a truly perfect dataset. Early in the pandemic, I supported agencies that knew their data wasn’t perfect, but they also knew they had to save lives. They executed without hesitation; they built analytical dashboards and evolved them as processes and data collection capabilities improved. That approach enabled them to make increasingly better, more rapid decisions. Other agencies are still working through multiple iterations to get their data and reporting just right; meanwhile they are not making data-informed decisions. This pandemic has proven that it’s the unknown questions that we discover along the way that create change and ultimately drive progress.”

Read more insights from Tableau’s Senior Manager of Solution Engineering, Anthony Young.

 

Virtualization: Rapid, Flexible and Cost-Effective Path to Digital Transformation

“Organizations that are most effective in modernizing their application portfolios do three things well: 1) crafting an application modernization strategy to identify what to modernize and how to do it; 2) crafting a cloud strategy to determine how to integrate cloud services into their modernization strategy; and 3) standardizing on a single platform to build, run, manage and secure applications running in a multi-cloud environment. This platform provides a single pane of glass through which organizations can develop and deploy modern container-based applications across a multicloud environment. Virtualization technologies for things like cloud load-balancing, firewalls and software-defined networking further enable organizations to integrate cloud services with their on-premises workloads while providing robust end-to-end security.”

Read more insights from VMware’s State and Local EducVMwareation Strategist, Herb Thompson.

 

Integrating the Continuum of Care

“Enterprise iPaaS helps integrate disparate or hybrid architectures across the continuum of care. It provides a single instance, multitenant architecture that frees organizations from having to do things like manage code versions. iPaaS also lets organizations modernize without replacing everything they currently use. They can augment and move forward to support low code, agility, and intelligence and insights. That creates a very high return on investment because organizations can focus on their business initiatives and clinical or business outcomes instead of undertaking enterprise IT projects.”

Read more insights from Dell Boomi’s Healthcare CTO Evangelist, John Reeves.

 

Improving Citizens’ Digital Journey Through HHS

“The two key pillars of creating exceptional digital experiences are content and data, and artificial intelligence (AI) and machine learning (ML) can help with both. Using AI and ML, organizations can automate repetitive tasks that prevent them from producing and personalizing content at scale and on every single device. For example, organizations can use the Dell Boomi Enterprise IPaaS platform to automate aspects of website design, layout and creation, as well as the conversion of PDFs to adaptive interactive forms. In terms of data, organizations can use AI to sift through volumes of data and unlock insights that help them understand customers, predict trends, monitor unusual activity and act faster.”

Read more insights from Adobe’s Health and Human Services Director, Megan Atchley.

 

Re-Imagining Healthcare

“Organizations can use AI and ML to look at data in its entirety and automate processes that improve the patient experience and patient care. In addition, AI and ML can help healthcare organizations understand and improve revenue cycle management and internal operations. Chatbots are another emerging technology. With the appropriate bot framework, organizations can quickly develop intelligent, automated questionnaires that patients can step through to find out whether they need a COVID test or a checkup, for example. The chatbot uses their responses to move them to the next appropriate step in the care plan. Collaboration technologies also have become more important for effective virtual visits with patients and for virtual consultations between clinicians.”

Read more insights from Microsoft’s U.S. Chief Medical Officer, Clifford Goldsmith.

 

Download the full Innovation in Government® report for more insights from these healthcare thought leaders and additional industry research from GovTech.

Best of What’s New In Data, Identity and Privacy

Posted on by
Reply

Last year, state lawmakers across the nation introduced hundreds of privacy bills. One of the most prominent pieces of legislation — the California Consumer Privacy Act (CCPA) — took effect in January, marking the first of potentially many state-level attempts to emulate the European Union’s groundbreaking General Data Protection Regulation (GDPR), which gave EU residents more control over how organizations use their personal information. All of this points to a dramatic shift in how state and local government agencies must manage and protect data. Fortunately, technology tools available to help the public sector address privacy challenges are growing smarter and more sophisticated. Learn the latest insights from industry thought leaders in Data, Identity and Privacy in Carahsoft’s Innovation in Government® report.

IIG GovTech July 2020 Data Identity Privacy Blog ImageProtecting the Data That Matters Most

“Organizations should avoid the temptation to skip requirements and get things out there quickly. This crisis forced organizations to establish work-from-home policies overnight. Work-from-home technologies — whether employee-owned or government issued — must incorporate the organization’s security processes and policies around sensitive data. Government-issued laptops should have remote access capability to keep OS and security product patches up to date, ensure VPN connections are working and generally maintain security standards. It’s also important to conduct and continually reinforce security awareness training focused specifically on working at home or remotely. Then, make the new normal as simple as possible; have everything in place for users to just basically turn on their laptop and log into the system.”

Read more insights from Dell Technologies’ Chief Strategy and Innovation Officer of State and Local Government, Tony Encinias.

 

Simple, Smart and Fast: Search-Driven Analytics for Data Privacy and Compliance  

“Clearly defined use cases are critical. What questions do agencies need to answer to fulfill their mission, and what data do they need to obtain those answers? Once you find that data, how do you store it, and how do you track compliance requirements on that data? How do you enable data sharing and transparency without interfering with privacy and security? Another critical piece is the criteria and best practices used for tool selection. Can you get to granular levels of data and customize security clearances down to the role level or column level so you can govern who’s seeing what without having to create duplicate data lakes for each department? That can create a lot of economies of scale and enable organizations to more easily and confidently share data across agencies.”

Read more insights from ThoughtSpot’s Senior Director of Global Public Sector and Industry Alliances, Helen Xing.

 

Using a Data-Centric Approach to Reduce Risk and Manage Disruption  

“AI and ML have a lot of potential to streamline privacy and compliance, but they also come with certain risks. For example, AI/ML require systems to be trained. If systems are trained inadequately or with inaccurate data, the result may be poor decisions that ultimately cause more damage than good. This is why, as discussions about the use of AI and ML continue, we expect to see more emphasis on accountable development and usage. In practice, this means having requirements around transparency of AI usage, decisions and data quality, as well as robustness in terms of AI security and resilience.”

Read more insights from Broadcom’s Global CTO and Chief Architect for Symantec Enterprise Division, Paul Agbabian.

 

Leading Through Change  

“People have been self-servicing analytical needs for years because they need to answer their own questions rapidly. But are people asking the right questions and are they doing all that in the most efficient digital forms? Proficiency is one of the core capabilities defined in the Tableau Blueprint, which is a prescriptive, proven methodology for becoming a more data driven organization. Proficiency speaks to the need to educate people to see and understand data for decision-making. That includes educating them on how to work with data, measuring the value that they derive from their use of data, and institutionalizing best practices that drive behavior change and informed decision-making.”

Read more insights from Tableau’s Senior Manager of Customer Success, Jeremy Blaney.

Download the full Innovation in Government® report for more insights from these Government Data, Identity and Privacy thought leaders and additional industry research from GovTech.

The Best of What’s New in Government Performance and Innovation

Posted on by
Reply

The COVID-19 crisis underscores the growing importance of data analytics to state and local governments as they tackle complex challenges. It also shows how technological improvements are making data-driven insights easier to achieve and share. Although the COVID-19 response kicked public sector data analytics efforts into high gear, states and localities have been steadily working to become more data-driven over the past several years. Twenty-eight states now have a chief data officer (CDO), and similar positions are found throughout local government. The rise of the CDO is just one indication of the push among states and localities to use data to improve internal operations, strengthen citizen services, improve safety, and boost transparency and engagement. Learn the latest insights from industry thought leaders in government performance and innovation initiatives in Carahsoft’s Innovation in Government® report.

Continue reading